Connect with us

Hi, what are you looking for?


Data Protection

Windows Information Protection to Address Data Leaks in Windows 10

One of the features that Microsoft will debut in the upcoming Windows 10 Anniversary Update, is Windows Information Protection (WIP), a feature meant to keep user’s information safe even when data leaks occur.

One of the features that Microsoft will debut in the upcoming Windows 10 Anniversary Update, is Windows Information Protection (WIP), a feature meant to keep user’s information safe even when data leaks occur.

Previously referred to as enterprise data protection (EDP), WIP provides Windows with the ability to identify personal and business information, as well as to determine which applications have access to it, Microsoft says. Moreover, it also ensures that Windows can offer the basic controls necessary to determine what users can do with business data.

Microsoft LogoWIP has been designed specifically to work with Office365 ProPlus and Azure Rights Management, which can keep business data protected when it leaves the device or when it’s shared with others. With WIP, some of the basic data protection features available in Office365 and Azure Rights Management are coming to Windows itself, Microsoft’s Chris Hallum and Nathan Mercer explain in a blog post.

Windows already has data protection mechanisms in place, such as BitLocker, which Microsoft touts as a great solution when it comes to lost or stolen devices. When data is accidentally or intentionally leaked, however, BitLocker is ineffective, and this is where WIP comes into play. What’s more, it can help protect data without affecting the overall user experience, Microsoft says.

“Just turn on a few policies in your MDM (e.g.: Microsoft Intune) or System Center Configuration Manager and WIP is ready to go. WIP’s capability is fully integrated within the experience your users are already familiar with, and they can continue to use the apps that they, or IT, choose to access protected content. WIP doesn’t require users to use special folders, change modes, use alternate apps, move into secure zones or partitions, etc,” Hallum and Mercer say.

The solution has been designed to work completely behind the scene to keep data secure regardless of where on the device it is located. Moreover, the protection continues even when the data is copied to removable storage devices such as USB drives.

Windows Information Protection is integrated in the platform, thus ensuring compatibility with most of the existing applications, something that not all third-party solutions can deliver. However, there will be applications that will require various changes to support WIP, namely those who can work on personal and business data in parallel, or have the ability to egress data outside of the corporate boundary.

WIP also ensures that only authorized users and applications can access business data, thus protecting data from leaks, even on devices with multiple user profiles. Moreover, the solution was designed to prevent certain operations involving the content of business documents, such as copy and paste, further preventing leaks.

Advertisement. Scroll to continue reading.

According to Microsoft, WIP won’t prevent users from copying content between business applications and documents, but it will prevent them from leaking the data to personal or public domains, unless the IT department sets a policy that allow them to do so. In such cases, auditing will occur in the background, while users will be encouraged to act in a responsible manner, compliant with the corporate policy.

The goal with WIP, Hallum and Mercer explain, was to create a solution that every customer would be willing to deploy, one that would work with existing apps and would require little user interaction. The resulting product is suitable for both SMBs and enterprises and can provide “the fundamentals of information protection” right out of the box, while also designed to work with Azure Rights Management and Office365 to ensure maximum data leak prevention.

Over the past several months, Microsoft has announced a variety of updates and enhancements meant to improve the security of its Windows 10 users, such as the Windows 10 compatibility in Enhanced Mitigation Experience Toolkit (EMET) 5.5. In March, the company announced Windows Defender Advanced Threat Protection, a service designed to improve the protection it offers to enterprise customers.

Just last week, Microsoft detailed the various changes that Windows Hello, its end to end multi-factor authentication solution, will go through as soon as Windows 10 Anniversary Update arrives in early August. It already included biometric authentication capabilities, but it will soon take over Microsoft Passport’s functions, and will also add support for companion devices, Microsoft said.

Related: Office 365 Users Need Better Care of Sensitive Data: Report

Related: Broadly Shared Files a High Risk for Enterprise Data: Report

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...